CVE-2026-11852
6.5 MEDIUMDebusine is an integrated solution to build, distribute and maintain a Debian-based distribution
Published: 2026-06-10 · Last updated: 2026-06-10
Severity and scoring
- CVSS
- 6.5 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
- CWE
- CWE-862
Description
Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Files managed by debusine are organized into artifacts. The endpoints that create and delete relationships between artifacts enforced no permissions checks beyond being able to see the artifacts in question.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-11852
- [Other]https://salsa.debian.org/freexian-team/debusine/-/commit/98104f46dc546a27a0326d5ef728ac7f426c430a
- [Other]https://salsa.debian.org/freexian-team/debusine/-/merge_requests/2836
- [Other]https://salsa.debian.org/freexian-team/debusine/-/work_items/1499
Related CVEs
Same CWE
- CVE-2026-46645 — SQLAdmin is a flexible Admin interface for SQLAlchemy models (4.3 MEDIUM)
- CVE-2026-53634 — Sharp is a content management framework built for Laravel as a package (4.3 MEDIUM)
- CVE-2026-0272 — A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Comm...
- CVE-2026-49822 — Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes (7.7 HIGH)
- CVE-2026-49821 — Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes (7.7 HIGH)